1. Field of the Invention
The present invention relates to a technology for performing a network access authentication of a terminal device using a signaling protocol.
2. Description of the Related Art
An authentication device called an authentication agent is currently in use, which performs a network access authentication for allowing a connection of a communication device to an internal network using a signaling protocol. Usually, the communication device cannot use various services provided in the internal network until the communication device is authenticated by the authentication agent. Some type of authentication devices performs a process of checking OS version, a process of checking update status of an antivirus pattern file, an antivirus quarantine process, and the like at the time of performing the authentication.
A session initiation protocol (SIP) is widely used as the signaling protocol for controlling and relaying a communication between communication devices. For example, an Internet protocol (IP) phone system using the Internet instead of a conventional telephone network is widely used as a communication system that employs the SIP (SIP system).
A standardized code for the SIP is disclosed in J. Rosenberg et al., “RFC 3261, SIP: Session Initiation Protocol”, [online], June 2002, retrieved from the Internet: <http://www.ietf.org/rfc/rfc3261.txt>. For example, the above reference describes a SIP proxy that includes a SIP-message relaying function of relaying a SIP message, which has been transmitted from one terminal to another terminal, to a subsequent server. Furthermore, according to the above reference, an IP address or information on a SIP address called a SIP uniform resource identifier (URI) of the IP terminal needs to be registered on the SIP proxy, for the terminal to start using the SIP system.
However, with a conventional method that employs the SIP, because a registration process of registering address information to the SIP proxy is performed for each terminal after the terminal is authenticated by the authentication agent or the like, there is a problem that a processing load of the SIP proxy is increased.
For example, in a place such as an office or a call center, in which the IP phones are fixedly installed, because a large number of terminals are subjected to be turned ON with a start of daily work, the number of registration requests is increased, resulting in an increase of the processing load of the SIP proxy.
Although the above problem can be partially solved by decreasing or distributing a concentration of the processing load by randomly changing a time to be taken from a start up of the terminal to a start of the registration process or the like, there is another problem that a time for activating an entire system becomes longer.
If a transmission control protocol (TCP) is used instead of a user datagram protocol (UDP) as a transport protocol between the terminal and the SIP proxy, there are problems that the processing load of establishing a connection is increased and memory consumption is increased for storing connection information including a port number or the like.
Furthermore, when a transport layer security (TLS)/TCP is used for improving a security, more-complicated processes are necessary for a key exchange and the like, and there is a possibility that the processing load of the SIP proxy is further increased if the registration processes are concentrated.